CPP
Existing customers

Are you a CPP Card Protection or Identity Protection (IPA) customer?

Click here to access our customer Product pages:

cpp card protection cpp identity protection
Importante comunicazione ai clienti CPP Italia

Desideriamo informarti che, a seguito dell'acquisizione di IGS EMEA, la nostra società ha cambiato denominazione sociale. II nostro nuovo nome è: Integral Group Solution Italia.

Per maggiori informazioni e per continuare a usufruire dei nostri servizi, ti invitiamo a visitare il nuovo sito ufficiale: www.igroupsolution.net/it/inizio/

Ti ringraziamo per la fiducia e restiamo a tua disposizione, per qualsiasi necessità scrivi a: [email protected]

Introduction

Welcome to CPP Secure Limited’s privacy notice. This privacy notice provides details of how we will use, disclose, transfer and store personal information collected from you.

About us

CPP Secure Limited is a company registered in England and Wales with company number 10257192 whose registered office is at 19th Floor, 51 Lime Street, London, EC3M 7DQ (CPP Secure, us, we, our).

CPP Secure is registered as a Data Controller with the Information Commissioner’s Office with the registration number ZA224060. CPP Secure is registered with the Financial Conduct Authority with firm reference number 790304.

CPP Secure is part of the CPPGroup Plc group of companies (CPP Group). You can find out more about the CPP Group by visiting cppgroup.com.

If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact us using the details set out below.

CPP Secure sells, and is an administrator of, insurance policies. This privacy notice sets out how we will process personal information collected in relation to Excess Protect, Total Loss Protect, Early Termination Insurance, Gap Insurance and Appliance Warranty insurance policies underwritten by Acasta European Insurance Company Limited (“Acasta”), in accordance with the applicable data protection legislation, including the Data Protection Act 2018. The provider of insurance, Acasta, will be referred to as the Insurer in this privacy notice and the individual using such insurance will be referred to as you.

Contact details

You can contact us:

  • by post at: CPP Secure Limited, Data Protection, 19th Floor, 51 Lime Street, London, EC3M 7DQ; or
  • by email at: [email protected]

What personal information we collect and why

In order to administer the insurance policy to you and for the Insurer to provide the insurance policy in accordance with the policy terms and conditions, we will obtain standard personal information and special category information about you.

We may obtain your personal information from the business from which you purchased the insurance policy, as well as obtaining your personal information directly from you.

We may obtain further information in any communication that you send to us including the communication content and metadata associated with the communication (if applicable) and any other personal information that you choose to send to us.

The information we have obtained or will obtain will be all or some of the following:

Standard Personal Information Source (data subject or any other organisation)
Your Name Your insurance broker
Your Address Your insurance broker
Your Date of Birth Your insurance broker

 

Your Policy Number
Your Contact Details including your email address or telephone number Your insurance broker
Details of your Vehicle such as your vehicle registration, make and model Your insurance broker
Details of your Appliance such as the make, model and registration number Your insurance broker
Details of your Vehicle finance agreement or your leasing agreement Your insurance broker
Information contained in or relating to any communication that you send to us Data Subject

Should you need to amend details in relation to your insurance policy, we may request or obtain further information from you in order for the Insurer to provide the benefits under the insurance policy terms and conditions. Where we need to collect and use personal information by law, or under the terms of the contract for the insurance policy and you fail to provide that information when requested, we, and the Insurer, may not be able to perform the contract for the insurance policy.

How your personal information is used

We will only use your personal information when the law allows us to. Most commonly, we will use your personal information in the following circumstances:

  • Where we need to administer the insurance policy.
  • Where we need to comply with a legal obligation.

Set out below, in a table format, is a description of all the ways we use your personal information, and which of the legal bases we rely on to do so.

Purpose/Activity Lawful basis for processing
To administer the insurance policy including reviewing policy documentation, collecting and refunding premiums, and informing the underwriters of any business changes that affect the policy Necessary for the performance of the contract.
To handle claims Necessary for the performance of the contract.
To handle complaints Necessary to comply with legal and regulatory obligations
For reporting and analysis of product performance, including reporting to the underwriter and regulators Legitimate interest of the administrator and underwriter, to improve the commercial performance of the product

Necessary to comply with regulatory obligations
Internal record keeping Necessary to comply with legal and regulatory obligations

 

Who your personal information might be shared with

We may share your personal information with other organisations as necessary, these are:

  • The Insurer, approved suppliers and service providers (which will include other companies within the CPP Group which provide services to us) where this is reasonably required to provide the insurance policy, deal with your claim or provide services on our behalf. These suppliers may have access to personal information needed to perform their functions in relation to the insurance policy but are not permitted to share or to use such information for any other purpose.
  • Third parties where this is necessary to comply with any statutory, legal or regulatory obligations.
  • Other companies within the CPP Group e.g. to the extent needed for proper management and parental analysis and decision making.

How long your information is held

We will hold your information for the duration of the insurance policy and for seven years after it ends.

International transfers

Whenever we transfer your personal data out of the UK, we ensure a similar degree of protection is afforded to it.  We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data, or we may use specific contracts approved for use in the UK which give personal data the same protection it has in the UK.

Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the UK.

Data security

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Your rights under Data Protection legislation

Under certain circumstances, by law you have the right to:

  • Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
  • Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected. If you think any information we have about you is incorrect or incomplete, please contact us as soon as you can using the contact details set out below. We will correct or update any information as soon as possible.
  • Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal information to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
  • Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
  • Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your personal information to another party.

If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, you can contact us:

  • by post at: CPP Secure Limited, 19th Floor, 51 Lime Street, London, EC3M 7DQ;
  • by email at: [email protected]

You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

We may need to request specific information from you to help confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

We will try to respond to all legitimate requests within one month from the date of your request. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

You also have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (see https://ico.org.uk).  We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.